As If the Perimeter was not Blurred Enough
As cloud adoption began accelerating several years back the growing predictions of a doomed enterprise perimeter also increased. And then the pandemic hit… With the dawn of a 100% remote workforce, the story quickly changed from that of a fading perimeter to one that is rapidly vanishing.
But the passage to a digitally transformed cloud-enabled enterprise will not happen overnight. Understanding the importance of properly managing the transformation and living in the hybrid environment for the many years ahead is paramount. Necessarily, this will drive dramatic changes in the way we secure our networks.
IT leaders are faced with managing their budgets to include new technologies but there is also growing awareness that added heterogeneity can introduce its own set of challenges, including dramatic increases in complexity. Failure to address growing complexity can result in misconfigurations which ultimately translates to a potential for increased risk.
But where are enterprise security leaders placing their bets for the coming years? According to new independent research on the Future of Network Security, they’re focusing on automation, SASE, zero trust, and alignment between security and development.
The new survey report surfaces some key insights that should provide additional clarity for organizations as they prepare for an agile approach to address security across the new enterprise hybrid expanse.
The survey as mentioned above reflects how investments in security orchestration and automation have become a top priority, with 40% of respondents saying they will implement them in 2021. In fact, the automation of network security policies will spike in the next two years to combat the challenges caused by rising complexity.
This impetus comes down to improving agility and responsiveness, reducing time to discovery and resolution, improving compliance and security efficiency through automation. Beyond automation, investing in network security policy management will help improve speed and responsiveness, with 53% of respondents stating they plan to do so within the next 12 months.
Fueled by a more distributed and mobile workforce and an increasing reliance on cloud-based applications, 86% of organizations have either implemented a Zero Trust Architecture or plan to do so within two years.
Unsurprisingly, the most significant drivers for Zero Trust are the increased need for secure remote access (due to COVID-19), the need to reduce cybersecurity risk, and supporting the transition to cloud architectures.
Investments in Secure Access Service Edge (SASE) to mitigate malware's ability to spread across the network will also increase, with two out of three respondents planning to implement such a platform by 2023.
Driving this is the adoption of Zero Trust Network Architecture to replace legacy VPNs. Reducing cost and complexity and enabling an increasingly mobile and distributed workforce also contribute to this shift in mindset. Even though organizations will be aggressively pushing SASE, these solutions will exist alongside traditional data center and cloud network security approaches for the foreseeable future.
- Addressing Security-Dev Misalignment
Only 18% of organizations say their application development and delivery processes are wholly aligned with network security operations as every company has now become a software company. DevOps and continuous delivery are critically important. But friction between development and security/compliance gives rise to vulnerabilities and provides fertile ground for costly misconfigurations and unplanned downtime.
- Managing Accelerating Heterogeneity
Because a "one size fits all" approach has proven unsuccessful, IT security leaders will instead work with several vendors if that gives them the means of incorporating the best technologies into their stacks. However, this will give rise to managing accelerating heterogeneity.
To do so requires access to robust APIs. The survey has found that 80% of leaders prefer tools with open APIs that can integrate security capabilities into their workflows and adapt as needs change.
While addressing the rapidly evolving DevOps environment and still meeting business growth and cybersecurity requirements is challenging, the signs are positive. Only 5% of IT leaders are not concerned about network security integration with their current IT environment.
Having clear priorities such as these in mind when developing future strategies will prove invaluable for organizations looking to better prepare for a digitally led future.
Review the Full Findings of the Future of Network Security
To review the full findings or to download a copy, please visit here.